Amazon Fire TV Sticks Falling Prey to Cryptominer

One more reason why you shouldn’t jailbreak your devices.

The cryptocurrency miner malware ADB.miner is not new. However, it’s presence on Amazon Fire TV sticks and other streaming devices is a relatively new find. The malware is spread thanks to the Android Debug Bridge. This functionality is a developer tool, which is intended to allow developers to execute commands remotely. This is of course a perfect entrance for malicious actors.

The Android Debug Bridge should be set to default on any new devices. Realistically, only developers should have any reason to turn this on. However, plenty of streaming devices are being sold that have this feature left on. In this case, it’s not Amazon sending out their devices, but third party jailbreakers. There is a market for these jailbroken devices, with Kodi and shady applications intended to pirate being installed on them. Now, many of these devices are the victim of ADB.miner.

With this specific malware, the devices are taken over and used to mine the cryptocurrency Monero. While it will consume your resources, it doesn’t appear that more malicious activity is taking place, although that could easily be done with the Android Debug Bridge left open as well. Users of an affected Amazon Fire Stick will notice an application called “Test” which will persistently pop up. A factory reset will resolve the infection in a Fire Stick.

ADB.Miner is not only looking for or affecting Amazon’s Fire Stick. It is looking for any android device which has the Android Debug Bridge enabled. With affected devices falling somewhere between 10,000 to 100,000, this is obviously a wide ranging problem.

In this case, piracy does pay, however it’s not those committing the piracy that are receiving the payment. The pirates become the victims as malware creators use their jailbroken devices for their own financial gain.